docker · pcaskey · Jul 17, 2017 · Jul 17, 2017 · Jul 17, 2017
diff --git a/configBuilder.sh b/configBuilder.sh
@@ -512,8 +512,9 @@ echo "Creating sanitized config for hybrid build..."
 echo ""
 destPath=./ConfigNoSecrets
 cp -rf `realpath ${PWD}`/. $destPath >/dev/null 2>>/dev/null
+mkdir -p ./ConfigNoSecrets/SECRETS
 
-# remove secrets
+# move secrets
 mv -f $destPath/config/shib-idp/conf/idp.properties $destPath/SECRETS/idp.properties > /dev/null
 mv -f $destPath/config/shib-idp/conf/ldap.properties $destPath/SECRETS/ldap.properties > /dev/null
 mv -f $destPath/credentials/shib-idp/sealer.jks $destPath/SECRETS/sealer.jks > /dev/null
@@ -526,7 +527,7 @@ mv -f $destPath/credentials/tomcat/keystore.jks $destPath/SECRETS/keystore.jks >
 mv -f $destPath/config/shib-idp/conf/relying-party.xml $destPath/SECRETS/relying-party.xml > /dev/null
 mv -f $destPath/config/shib-idp/conf/attribute-filter.xml $destPath/SECRETS/attribute-filter.xml > /dev/null
 mv -f $destPath/config/shib-idp/conf/attribute-resolver.xml $destPath/SECRETS/attribute-resolver.xml > /dev/null
-mv -f $destPath/config/shib-idp/conf/metadata-sources.xml $destPath/SECRETS/metadata-sources.xml > /dev/null
+mv -f $destPath/config/shib-idp/conf/metadata-providers.xml $destPath/SECRETS/metadata-providers.xml > /dev/null
 
 echo ""
 echo Your secrets were removed from the main config and stored in $destPath/SECRETS
@@ -572,7 +573,30 @@ if [ ${BURNMOUNT} == "burn" ]; then
   echo "RUN"
   echo ""
   echo "           docker run -d --name shib-idp -p 8443:8443 my/shibb-idp-tier"
-
+elif [ ${BURNMOUNT} == "hybrid" ]; then
+  echo "Since you have elected to use a hybrid config, the steps for "
+  echo "  you to build and run a TIER Shibboleth-IdP container are below."
+  echo "BUILD"
+  echo " It will be necessary to specify where to find your config at build-time, but with a hybrid config, "
+  echo "      you'll want to point it to a config that has no \"secrets\""
+  echo ""
+  echo "To do this, point an environment variable at the alternate location (created by this script):"
+  echo "          export ALTCFG=ConfigNoSecrets"
+  echo ""
+  echo "          docker build --rm -t my/shibb-idp-tier --build-arg TOMCFG=${ALTCFG}/config/tomcat \\
+                   --build-arg TOMLOG=${ALTCFG}/logs/tomcat \\
+                   --build-arg TOMCERT=${ALTCFG}/credentials/tomcat \\
+                   --build-arg TOMWWWROOT=${ALTCFG}/wwwroot \\
+                   --build-arg SHBCFG=${ALTCFG}/config/shib-idp/conf \\
+                   --build-arg SHBCREDS=${ALTCFG}/credentials/shib-idp \\
+                   --build-arg SHBVIEWS=${ALTCFG}/config/shib-idp/views \\
+                   --build-arg SHBEDWAPP=${ALTCFG}/config/shib-idp/edit-webapp \\
+                   --build-arg SHBMSGS=${ALTCFG}/config/shib-idp/messages \\
+                   --build-arg SHBMD=${ALTCFG}/config/shib-idp/metadata \\
+                   --build-arg SHBLOG=${ALTCFG}/logs/shib-idp ."
+  echo ""
+  echo "Next, you would create the appropriate docker secrets and run as a swarm service.  See documentation wiki for more info."
+  echo ""
 else 
   echo "Since you have elected to use a mounted config, the steps for "
   echo "  you to build and run a TIER Shibboleth-IdP container are below."